Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/I0kK8lFUEdPv-eqKMMyljZV7C4o.roa
File: I0kK8lFUEdPv-eqKMMyljZV7C4o.roa (raw, json)
Hash identifier: Q3VKBZJSjAUikf5Cp1W9wOJwDitcZkWKMm49P+1zxlI=
Subject key identifier: 23:49:0A:F2:51:54:11:D3:EF:F9:EA:8A:30:CC:A5:8D:95:7B:0B:8A
Certificate issuer: /CN=ce958f181fb507a0a2a821856b8be0d54b118b85
Certificate serial: 01966C8E0B09937C794FC55920CE14391898
Authority key identifier: CE:95:8F:18:1F:B5:07:A0:A2:A8:21:85:6B:8B:E0:D5:4B:11:8B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpWPGB-1B6CiqCGFa4vg1UsRi4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/I0kK8lFUEdPv-eqKMMyljZV7C4o.roa
Signing time: Fri 25 Apr 2025 10:46:10 +0000
ROA not before: Fri 25 Apr 2025 10:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398465
IP address blocks: 185.126.74.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/zpWPGB-1B6CiqCGFa4vg1UsRi4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/zpWPGB-1B6CiqCGFa4vg1UsRi4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/zpWPGB-1B6CiqCGFa4vg1UsRi4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6c:8e:0b:09:93:7c:79:4f:c5:59:20:ce:14:39:18:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce958f181fb507a0a2a821856b8be0d54b118b85
Validity
Not Before: Apr 25 10:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23490af2515411d3eff9ea8a30cca58d957b0b8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8d:37:de:e1:26:fd:79:86:3b:90:c1:3a:33:
10:7c:74:cc:ee:d4:be:58:ba:7d:ec:5b:04:35:b4:
9f:17:e1:39:2c:83:d1:39:68:34:f8:64:1d:6c:d8:
ee:b2:50:5e:1e:b4:fe:89:9f:a1:4f:c8:77:97:23:
da:29:df:09:43:61:e7:e6:c9:5f:c3:ac:dc:c6:74:
2a:e5:eb:68:7b:7a:67:ac:51:b3:d1:f7:8b:d7:ce:
82:ac:59:c8:e5:35:ae:d8:75:6d:c5:d1:08:80:b3:
04:df:13:81:27:1d:72:c9:a6:55:3d:19:f1:81:2d:
58:73:d6:36:77:b2:8f:cc:0c:0c:5f:77:c3:47:54:
ac:a7:e4:00:04:ea:67:aa:97:14:41:93:e2:dd:19:
c8:e1:e9:c8:d7:5a:a4:74:6d:56:2a:aa:5b:81:be:
fd:77:c0:fa:60:b9:41:bd:ee:24:82:c8:00:af:a9:
ba:b1:b3:4d:26:5e:0a:4f:d7:c2:22:fb:76:5c:a3:
4e:a1:ba:1d:a3:8a:2f:b0:78:de:65:78:5d:3e:67:
44:a1:94:a8:04:0b:ce:07:b2:1f:d3:dc:94:65:c4:
28:ec:4a:89:69:f0:13:5d:e0:e7:1d:4a:12:ee:94:
b8:32:3b:ea:0c:9c:41:34:91:ba:35:c2:63:07:45:
8b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:49:0A:F2:51:54:11:D3:EF:F9:EA:8A:30:CC:A5:8D:95:7B:0B:8A
X509v3 Authority Key Identifier:
keyid:CE:95:8F:18:1F:B5:07:A0:A2:A8:21:85:6B:8B:E0:D5:4B:11:8B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpWPGB-1B6CiqCGFa4vg1UsRi4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/I0kK8lFUEdPv-eqKMMyljZV7C4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/zpWPGB-1B6CiqCGFa4vg1UsRi4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.74.0/23
Signature Algorithm: sha256WithRSAEncryption
24:10:a2:64:a7:a1:e6:cc:67:eb:b4:cf:08:bb:21:7d:50:94:
a5:a2:48:95:e7:83:ca:72:d8:e6:ce:63:39:35:56:d7:ec:e5:
c9:5e:2c:b8:88:a9:5c:08:0b:87:7a:fb:72:44:a3:c6:cf:a9:
66:e4:32:9c:60:d6:fd:cf:74:c9:34:af:7f:c8:a3:4b:c7:17:
4d:8f:6f:d4:37:d3:f4:9e:19:7f:b0:f3:b2:e3:2f:c0:cb:cf:
cd:79:99:7c:28:0b:17:1a:4e:c4:98:32:d5:c6:24:76:2b:42:
52:f4:4e:94:b8:e8:d5:96:19:87:ad:ef:80:c9:32:7c:b8:fd:
d8:66:58:51:90:d5:09:66:9d:32:ea:cb:d5:aa:91:9d:19:40:
e3:87:fd:4f:4a:b0:74:33:67:7e:93:c6:3a:3f:08:bf:bd:4c:
23:13:1e:d6:35:ff:4d:91:c2:ca:db:7d:9e:34:57:1a:fb:3f:
6a:00:e5:61:97:6d:81:ad:b5:29:17:67:88:67:90:02:00:8f:
4a:33:f3:91:36:52:ad:b0:70:b2:db:e3:f0:6a:cc:a4:fd:bf:
60:af:c8:07:61:01:94:af:b9:a3:37:3c:2a:c5:45:40:12:23:
1e:30:10:3a:03:31:02:b7:f8:fc:b4:64:8b:3c:f0:19:10:53:
2b:03:a2:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZsjgsJk3x5T8VZIM4UORiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOTU4ZjE4MWZiNTA3YTBhMmE4MjE4NTZiOGJlMGQ1NGIx
MThiODUwHhcNMjUwNDI1MTA0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQ5MGFmMjUxNTQxMWQzZWZmOWVhOGEzMGNjYTU4ZDk1N2IwYjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxo033uEm/XmGO5DBOjMQfHTM7tS+
WLp97FsENbSfF+E5LIPROWg0+GQdbNjuslBeHrT+iZ+hT8h3lyPaKd8JQ2Hn5slf
w6zcxnQq5etoe3pnrFGz0feL186CrFnI5TWu2HVtxdEIgLME3xOBJx1yyaZVPRnx
gS1Yc9Y2d7KPzAwMX3fDR1Ssp+QABOpnqpcUQZPi3RnI4enI11qkdG1WKqpbgb79
d8D6YLlBve4kgsgAr6m6sbNNJl4KT9fCIvt2XKNOobodo4ovsHjeZXhdPmdEoZSo
BAvOB7If09yUZcQo7EqJafATXeDnHUoS7pS4MjvqDJxBNJG6NcJjB0WLWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNJCvJRVBHT7/nqijDMpY2VewuKMB8GA1UdIwQY
MBaAFM6VjxgftQegoqghhWuL4NVLEYuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenBXUEdCLTFCNkNpcUNHRmE0dmcxVXNSaTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8zZDliZmEtY2ZkMC00NGE4LTg0MmUt
MGRiYjNiOGRiMTVmLzEvSTBrSzhsRlVFZFB2LWVxS01NeWxqWlY3QzRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8zZDliZmEtY2ZkMC00NGE4LTg0MmUtMGRiYjNiOGRiMTVm
LzEvenBXUEdCLTFCNkNpcUNHRmE0dmcxVXNSaTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX5KMA0G
CSqGSIb3DQEBCwUAA4IBAQAkEKJkp6HmzGfrtM8IuyF9UJSlokiV54PKctjmzmM5
NVbX7OXJXiy4iKlcCAuHevtyRKPGz6lm5DKcYNb9z3TJNK9/yKNLxxdNj2/UN9P0
nhl/sPOy4y/Ay8/NeZl8KAsXGk7EmDLVxiR2K0JS9E6UuOjVlhmHre+AyTJ8uP3Y
ZlhRkNUJZp0y6svVqpGdGUDjh/1PSrB0M2d+k8Y6Pwi/vUwjEx7WNf9NkcLK232e
NFca+z9qAOVhl22BrbUpF2eIZ5ACAI9KM/ORNlKtsHCy2+Pwasyk/b9gr8gHYQGU
r7mjNzwqxUVAEiMeMBA6AzECt/j8tGSLPPAZEFMrA6Lj
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:24:06 2025 by rpki-client